transparent proxy for all users of domain

[Timothy Prepscius <ti...@gmail.com>]

I guess this is a popular question.

Is there a wiki for this anywhere?
I've been searching for a definitive how to.  Somehow difficult to find.


I'm moving my sending mechanism to a static ip.

But I want to keep that static ip server to the bare minimum.  (aws micro instance + elastic ip)

..

So I need to setup a james instance which does nothing but proxy messages for all users from my domain to wherever they are going.
I would like to keep this james instance from knowing anything about the users nor delivering mail to the users etc.  I would like it not to have a database (if possible).  I would like the bare minimum for security.


What I think I'm going to end up doing is:

1.  create new james from fresh download
2.  comment out all of the pop3 / jmx stuff from the configuration files.
3.  create and modify the smtp configuration file to allow sending from a user?

Is this roughly correct?

Is there an easy way to ensure that mails are never cached to any disk or db?


Is there anything else I need to do?  What happens if the mail is instantaneously rejected?  Is the connection still open to the originating james server?  Or does the proxy server somehow need to know where to send errors back to?

Thanks!

-tim
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

Re: transparent proxy for all users of domain

[Timothy Prepscius <ti...@gmail.com>]

Sorry to be spammy.  But.   [I guess I'm spammy today ;-)]


Since I am looking for a no-cache solution for james.
I've been looking into just doing a socks proxy against the static ip.

I will start up james, create a ProxySelector which does all ips except for 127.*/192.* and ssh proxy them directly via the
externally facing static ip aws instance.


Is there any red flag that goes off in your head for this?

-tim


On Jun 18, 2012, at 12:23 PM, Timothy Prepscius wrote:

> I have been reading all of the emails from others on this topic.
> I can't find one which describes how to setup this bare minimum james proxy server. 
> (I understand the gateway stuff from the originating machine)
> 
> On Jun 18, 2012, at 12:21 PM, Timothy Prepscius wrote:
> 
>> I guess this is a popular question.
>> 
>> Is there a wiki for this anywhere?
>> I've been searching for a definitive how to.  Somehow difficult to find.
>> 
>> 
>> I'm moving my sending mechanism to a static ip.
>> 
>> But I want to keep that static ip server to the bare minimum.  (aws micro instance + elastic ip)
>> 
>> ..
>> 
>> So I need to setup a james instance which does nothing but proxy messages for all users from my domain to wherever they are going.
>> I would like to keep this james instance from knowing anything about the users nor delivering mail to the users etc.  I would like it not to have a database (if possible).  I would like the bare minimum for security.
>> 
>> 
>> What I think I'm going to end up doing is:
>> 
>> 1.  create new james from fresh download
>> 2.  comment out all of the pop3 / jmx stuff from the configuration files.
>> 3.  create and modify the smtp configuration file to allow sending from a user?
>> 
>> Is this roughly correct?
>> 
>> Is there an easy way to ensure that mails are never cached to any disk or db?
>> 
>> 
>> Is there anything else I need to do?  What happens if the mail is instantaneously rejected?  Is the connection still open to the originating james server?  Or does the proxy server somehow need to know where to send errors back to?
>> 
>> Thanks!
>> 
>> -tim
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

Re: transparent proxy for all users of domain

[Timothy Prepscius <ti...@gmail.com>]

I have been reading all of the emails from others on this topic.
I can't find one which describes how to setup this bare minimum james proxy server. 
(I understand the gateway stuff from the originating machine)

On Jun 18, 2012, at 12:21 PM, Timothy Prepscius wrote:

> I guess this is a popular question.
> 
> Is there a wiki for this anywhere?
> I've been searching for a definitive how to.  Somehow difficult to find.
> 
> 
> I'm moving my sending mechanism to a static ip.
> 
> But I want to keep that static ip server to the bare minimum.  (aws micro instance + elastic ip)
> 
> ..
> 
> So I need to setup a james instance which does nothing but proxy messages for all users from my domain to wherever they are going.
> I would like to keep this james instance from knowing anything about the users nor delivering mail to the users etc.  I would like it not to have a database (if possible).  I would like the bare minimum for security.
> 
> 
> What I think I'm going to end up doing is:
> 
> 1.  create new james from fresh download
> 2.  comment out all of the pop3 / jmx stuff from the configuration files.
> 3.  create and modify the smtp configuration file to allow sending from a user?
> 
> Is this roughly correct?
> 
> Is there an easy way to ensure that mails are never cached to any disk or db?
> 
> 
> Is there anything else I need to do?  What happens if the mail is instantaneously rejected?  Is the connection still open to the originating james server?  Or does the proxy server somehow need to know where to send errors back to?
> 
> Thanks!
> 
> -tim


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org